package com.boo4g.center.config;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * 新版的security默认启用了csrf检验，要在eureka服务端那边配置security的csrf检验为false
 */
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	@Override
	protected void configure(HttpSecurity http) throws Exception {

		http.csrf().disable();//关闭csrf
		http.csrf().ignoringAntMatchers("/eureka/**");
		http.csrf().ignoringAntMatchers("/**").and().authorizeRequests().anyRequest()
				.authenticated().and().httpBasic();
		super.configure(http);
	}


}
 
	
